1. Field
Invention relates to data processing of electronic messages within a computer network, and in particular to a system for managing permissions for delivery of electronic messages.
2. Related Art
A substantial portion of electronic messages (such as email; instant messages; text messages to mobile telephones; or voice over Internet protocol, also known as VoIP) sent via the Internet is unsolicited and undesired by the recipient. The majority of these messages are sent in bulk, that is, a sender causes the transmission of messages to a large number of recipient addresses. The effort and cost to the sender of transmitting electronic messages in bulk is minimally additional to that of transmitting a single message. These messages may be referred to as Unsolicited Bulk Electronic messages, or UBE. The time spent by recipients of UBE deleting or sifting through such messages in order to access desired messages is unproductive and adds unnecessary cost to the use of electronic messaging and telephony.
One method for dealing with UBE comprises filtering the addresses from which messages identify themselves as being sent, deleting messages from addresses that are known to send UBE. U.S. Pat. No. 6,622,909 by Thomas, et al. and U.S. Pat. No. 6,393,465 by Leeds use differing approaches within this method. This method is continually defeated by the use of new sender addresses.
A second method comprises filtering the content of messages, deleting messages comprising content commonly associated with UBE. Since legitimate messages may contain content similar to that found in UBE, such filters limit themselves to purging only those messages that are unlikely to be legitimate in order to avoid deletion of legitimate messages. U.S. Pat. No. 6,553,358 by Horvitz and U.S. Pat. No. 6,621,930 by Smadja disclose filtering UBE with greater accuracy. This results in a method that somewhat reduces but does not eliminate delivery of UBE.
A third method provides a set of secondary addresses that are associated with a single primary email address. Messages sent to any secondary address are received by the primary address. When any of the secondary addresses receives a volume of UBE that the recipient considers excessive, the recipient discontinues use of that secondary address. Additional secondary addresses are added as required. U.S. application Ser. No. 20020023135 describes a form of this method. This method also reduces but does not stop delivery of UBE.
A fourth method (challenge-response) comprises replying to a message from an unknown sender with a request for a response. U.S. Pat. No. 6,546,416 by Kirsch describes this method, as do U.S. application Ser. No. 20030187942, U.S. application Ser. No. 20030167311, and U.S. application Ser. No. 20030009698. If a response is received and is acceptable, the original message is delivered. Although this method stops delivery of UBE, it has the following undesirable effects: First, for every message received from an unknown sender, an additional message must be sent by an email server over the Internet. Second, for a legitimate message to be sent to and received by a new recipient, three messages are required.
A fifth method, sender authentication, attempts to determine whether the sender address of a message is forged. Falsifying sender addresses and other header information is a method used by some senders of UBE to evade accountability. Implementation of sender authentication enables message handlers to discard messages that can be determined to have falsified headers. A sender authentication system can only authenticate messages from companies that participate in the system. Consequently, the proponent of each system seeks the system's mass adoption across the Internet. Sender authentication provides no solution for messages that originate from non-participating senders. Such messages cannot be denied delivery because they may be legitimate. Sender authentication schemes discourage but do not prevent delivery of commercial messages that are illegal for reasons other than falsification of headers, do not prevent delivery of unsolicited but legitimate advertising messages sent in bulk, and do not prevent delivery of messages sent to UBE mailing lists from computers participating in the authentication system that are manipulated by spam-sending viruses.
With sender authentication, including the method entitled “DomainKeys” that is sponsored by at least Yahoo!, Inc., the capability of generating the authenticating code that is later verified by an incoming message handler is maintained under the control of the sender or its agents, who can thus generate an unlimited number of authenticating codes for senders for their messages.
A sixth method comprises requiring permission or prior approval before allowing delivery of a message. In some of these methods, potential recipients may add a sender address to a list of trusted senders whose electronic messages will be delivered regardless of their inclusion of any permissions. Inventions that use this method are described next.
U.S. Pat. No. 6,356,935 by Gibbs describes a method wherein an electronic message will only be accepted if it contains an “adapted digital signature.” The signature is based on the sender address and the recipient address and can be provided to the sender by the potential recipient. A later patent by the same inventor, U.S. Pat. No. 6,615,348, references this patent and references U.S. Pat. No. 6,085,321 by Gibbs, et al., both of which describe methods of generating the adapted digital signature. These inventions require that a sender, in order to obtain permission to send email, communicate with the potential recipient using some method other than email.
U.S. Pat. No. 6,574,658 by Gabber, et al. describes a method wherein an electronic message will only be accepted if it contains an “extended source address.” One purpose of this method is to ensure that an initial message is sent from a valid email address. A sender may request an extended source address by (1) communicating with an intended recipient by a method other than email, (2) sending an initial electronic message to the potential recipient, or (3) registering at a web site. In each case an electronic message will be sent to the sender in an attempt to verify the address. Registration of the sender address at a web site requires the sending of an electronic message from the web site to the sender address requesting a reply from the sender that ensures that the sender address is valid. This invention further requires that extended source addresses be used for future communication between the sender and the recipient.
U.S. Pat. No. 6,405,319 by Arnold, et al. describes a method wherein an electronic message will only be accepted if it contains an “information access code.” The code may only be obtained by communicating with the potential recipient using some method other than email.
U.S. Pat. No. 6,266,692 by Greenstein describes a method wherein a new field is added to the headers of electronic messages, the new header intended to contain a password. This invention requires a change in Internet email protocol to allow for the new field.
U.S. application Ser. No. 20020059385 by Lin describes a method wherein an electronic message will only be accepted if it contains a “trustcode” or if it is sent from one or more specific web sites. The sender may either (1) obtain a trustcode by communicating with the potential recipient using some method other than email, or (2) access a web site and supply a sender address, a recipient address and the body of a message, and request that the message be sent to the recipient. The sender may then receive a trustcode in an electronic message from the recipient.
Methods above that require permissions place a burden on email servers, the Internet, or individual senders by requiring one or more of the following actions:                Internet email protocol must be modified and all related software updated.        An email server must reply to every electronic message, which is not otherwise deleted or accepted, that is sent from an unknown sender.        A sender must communicate with an intended recipient using a method other than email prior to receiving permission to send an electronic message.        A sender must send an initial message to a potential recipient that will not be delivered, receive a second message containing some form of permission that will allow delivery of a future electronic message, and reply with a third electronic message containing the acquired permission.        A sender must access a web site that will verify the sender address by email communication with the sender address, whereupon the sender will receive permission for a future electronic message to be delivered to a recipient.        A sender must access a web site that will send a message to the recipient on behalf of the sender.        
Accordingly, there is a need for a method that stops delivery of UBE, delivers legitimate electronic messages, does not require prior non-electronic communication between sender and recipient, does not require modification of electronic message headers, does not require delivery of any auxiliary electronic messages (such as for granting or verifying permissions), and imposes minimal effort on senders and receivers.